5.7 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
9.0%
Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.
akka.io/security/alpakka-kafka-cve-2023-29471.html
github.com/akka/alpakka-kafka/issues/1592